App-sshca


bin/sshca  view on Meta::CPAN

            %config = $cfg->%*;

            return;
        }
    }
}

# Recursively walk $dir and invoke $cb for every non-directory entry.
#
# $dir - directory to walk
# $cb  - code ref, called as $cb->( $decoded_record, $path )
#
# Dies when a directory cannot be opened; errors raised by
# cert_load_from_path() or by the callback propagate to the caller.
#
# NOTE(review): '-d' follows symbolic links, so a link inside the tree is
# descended into like a real directory, and every non-directory entry is
# handed to cert_load_from_path() regardless of its name. Confirm that
# only the CA account can write below the certificate store.
sub _map_certs($dir, $cb) {
    opendir( my $dh, $dir )
        or die "Could not open directory '$dir': $!";

    # readdir() in list context returns all entries at once; '.' and '..'
    # are filtered out before iterating.
    my @entries = File::Spec->no_upwards( readdir($dh) );

    ENTRY:
    for my $name (@entries) {
        my $full = File::Spec->catfile( $dir, $name );

        unless (-d $full) {
            $cb->( cert_load_from_path( $full ), $full );
            next ENTRY;
        }

        _map_certs( $full, $cb );
    }

    closedir($dh);
}

# Invoke $cb for every record found below the configured 'certsdir'.
#
# $cb - code ref, called as $cb->( $decoded_record, $path )
#
# Returns nothing; fatal errors from the walk propagate to the caller.
sub map_certs($cb) {
    # Built as a list so that opt() is still evaluated in list context.
    my @walk_args = ( opt( 'certsdir' ), $cb );
    _map_certs(@walk_args);
    return;
}

# Build a fresh certificate record (a plain hash ref) for $identity.
#
# $identity - stored under the 'id' key
# %args     - optional 'type' (defaults to 'user' when undefined) plus
#             'pubkey', 'principals', 'options' and 'validity'; these four
#             keys are always present in the result, with an undefined
#             value when the caller did not pass them
#
# The record starts in state 'ISSUED' with schema_version "1"; no 'serial'
# key is set here.
sub cert_new($identity, %args) {
    my %cert = (
        id             => $identity,
        type           => 'user',
        schema_version => "1",
        state          => 'ISSUED',
    );

    $cert{type} = $args{type} if defined $args{type};

    for my $field (qw(pubkey principals options validity)) {
        $cert{$field} = $args{$field};
    }

    return \%cert;
}

# Return a new record derived from $cert with a new serial number.
#
# $cert   - existing record (hash ref); it is not modified
# $serial - serial number stored in the copy
#
# The copy is shallow: nested references (for example the principals
# array) are shared with the original record. The state of the copy is
# reset to 'ISSUED'.
sub cert_renew($cert, $serial) {
    my %renewed = $cert->%*;

    $renewed{serial} = $serial;
    $renewed{state}  = 'ISSUED';

    return \%renewed;
}

# Read-only accessor: returns the value stored under the record's 'id' key.
sub cert_identity($cert) {
    my $identity = $cert->{id};
    return $identity;
}

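# Compute the on-disk location of the record for a serial number.
#
# $serial_or_cert - either a serial number or a record (hash ref) whose
#                   'serial' field is used
# $create         - when true, the containing directory is created
#
# The serial is hashed with the shared $digest object; the first two
# pairs of hex characters become two directory levels below 'certsdir'
# and the file is named "<hash>.json".
#
# Dies when the digest is shorter than expected or when the directory is
# still missing after the creation attempt.
#
# NOTE(review): an undefined serial is stringified to the empty string, so
# every record without a serial maps to the same path; callers should
# make sure a serial is assigned before saving.
sub cert_path($serial_or_cert, $create = undef) {
    my $serial = (ref $serial_or_cert)
        ? $serial_or_cert->{serial} : $serial_or_cert;
    $digest->reset;
    $digest->add( "$serial" );
    my $hash = $digest->hexdigest;

    # Take the captures from the match result itself instead of reading
    # $1/$2 afterwards: after a failed match those would still hold values
    # from an earlier, unrelated match.
    my ($level1, $level2) = $hash =~ m/^(..)(..)/
        or die "Unexpected digest value '$hash' for serial '$serial'";

    my $dir = File::Spec->catdir( opt( 'certsdir' ), $level1, $level2 );
    if ($create) {
        make_path( $dir );
        # Do not rely on how make_path reports failure: check the result,
        # so a missing directory is reported here rather than as an
        # obscure failure when the record file is opened.
        -d $dir
            or die "Unable to create certificate directory '$dir'";
    }
    return File::Spec->catfile( $dir, "$hash.json");
}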

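# Read and decode the certificate record stored in the file $path.
#
# Returns the decoded data structure. Dies when the file cannot be
# opened or its content cannot be decoded; both messages name the file,
# so a damaged record found during a directory walk can be located.
sub cert_load_from_path($path) {
    open(my $fh, '<:encoding(UTF-8)', $path)
        or die "Unable to open certificate file '$path': $!";

    my $cert;
    my $decoded = eval {
        local $/ = undef;    # slurp the whole file in one read
        $cert = $json->decode( <$fh> );
        1;
    };
    # Same wording as cert_load(), so both loaders report a malformed
    # record in the same way.
    die "Failed to load cert data from '$path': $@"
        unless $decoded;

    return $cert;
}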

# Load the certificate record stored for $serial.
#
# The file location is derived with cert_path(). Returns the decoded
# record; dies when the file cannot be opened or decoded.
sub cert_load($serial) {
    my $path = cert_path($serial);
    open(my $fh, '<:encoding(UTF-8)', $path)
        or die "Unable to open certificate file for serial '$serial': $!";

    my $cert;
    my $decoded = eval {
        local $/ = undef;    # slurp the whole file in one read
        $cert = $json->decode( <$fh> );
        1;
    };
    die "Failed to load cert data from '$path': $@"
        unless $decoded;

    return $cert;
}

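# Write the record $cert to the file derived from its serial number.
#
# The record is serialised before the file is opened, so an encoding
# failure cannot leave an existing record truncated. Write and close
# errors are fatal: a partially written record would otherwise go
# unnoticed until the next load.
#
# Returns a true value on success; dies on any failure.
#
# NOTE(review): the file is rewritten in place, so an interruption between
# open and close can still leave a truncated record behind.
sub cert_save($cert) {
    my $serial = cert_serial( $cert );
    my $path = cert_path( $serial, 1 );
    my $data = $json->encode( $cert );

    open(my $fh, '>:encoding(UTF-8)', $path)
        or die "Unable to create certificate file for serial '$serial': $!";
    print {$fh} $data
        or die "Unable to write certificate file '$path': $!";
    # Buffered write errors only surface when the handle is closed.
    close($fh)
        or die "Unable to finish writing certificate file '$path': $!";

    return 1;
}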

# Combined getter/setter for the record's 'pubkey' field.
#
# A defined $pubkey is stored first; the current value is returned either
# way. Passing undef cannot be used to clear the field.
sub cert_pubkey($cert, $pubkey = undef) {
    if (defined $pubkey) {
        $cert->{pubkey} = $pubkey;
    }
    return $cert->{pubkey};
}

# Combined getter/setter for the record's 'certkey' field.
#
# A defined $certkey is stored first; the current value is returned either
# way. Passing undef cannot be used to clear the field.
sub cert_certkey($cert, $certkey = undef) {
    if (defined $certkey) {
        $cert->{certkey} = $certkey;
    }
    return $cert->{certkey};
}

# Combined getter/setter for the record's 'principals' field.
#
# $principals - optional array ref; stored as-is when defined
#
# Returns the stored principals as a flat list, or an empty list when the
# field is unset.
sub cert_principals($cert, $principals = undef) {
    if (defined $principals) {
        $cert->{principals} = $principals;
    }

    if ($cert->{principals}) {
        return $cert->{principals}->@*;
    }
    return ();
}

# Combined getter/setter for the record's 'options' field.
#
# $options - optional array ref; stored as-is when defined
#
# Returns the stored options as a flat list, or an empty list when the
# field is unset.
sub cert_options($cert, $options = undef) {
    if (defined $options) {
        $cert->{options} = $options;
    }

    if ($cert->{options}) {
        return $cert->{options}->@*;
    }
    return ();
}

# Combined getter/setter for the record's 'state' field.
#
# A defined $state is stored first; the current value is returned either
# way. The value is not checked against a list of known states here.
sub cert_state($cert, $state = undef) {
    if (defined $state) {
        $cert->{state} = $state;
    }
    return $cert->{state};
}

# Combined getter/setter for the record's 'validity' field.
#
# A defined $validity is stored first; the current value is returned
# either way. Passing undef cannot be used to clear the field.
sub cert_validity($cert, $validity = undef) {
    if (defined $validity) {
        $cert->{validity} = $validity;
    }
    return $cert->{validity};
}


